hi...
you're right, for a single host (with eth0 your interface to internet), it goes like this:
Code:
iptables -t nat -A PREROUTING -i eth0 -d 200.0.0.1 -j DNAT --to-destination 172.16.46.1
iptables -t nat -A POSTROUTING -o eth0 -s 172.16.46.1 -j SNAT --to-source 200.0.0.1
ip addr add 200.0.0.1 dev eth0
Note that i precised the interface on the 2 iptables rules to avoid that traffic from 172.16.46.1 to the gateway itself (like if you ping your gateway as an exemple) be nated as well.
First line do the translation on the way from internet to LAN
Second line do it the other way around
Third line creates an alias on eth0 so that your gateway answers to arp queries and accept ip traffic to this IP as well as to its own.